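package security

import (
	"bytes"
	"log/slog"
	"os"
	"strings"
	"testing"

	"github.com/jfraeys/fetch_ml/internal/logging"
)

// TestAuditLogPHIRedaction verifies that PHI does not leak to stdout or
// the audit log inappropriately.
//
// The "PHINotInStdout" subtest redirects os.Stdout into a pipe, constructs
// the project logger, then asserts that none of a fixed set of PHI-looking
// tokens appears in whatever reached stdout in between.
//
// NOTE(review): nothing is logged through the logger inside the capture
// window, so the captured output is expected to be empty and the assertion
// is currently vacuous — it only proves that constructing the logger does
// not itself print PHI. For the test to exercise redaction, a log record
// carrying the tokens in phiPatterns must be emitted via the logger before
// the pipe is closed; that is left as a TODO because the logger's API is
// not visible in this file.
func TestAuditLogPHIRedaction(t *testing.T) {
	t.Run("PHINotInStdout", func(t *testing.T) {
		// Replacing os.Stdout is process-global state: this subtest must
		// not call t.Parallel, or output from concurrent tests would land
		// in the pipe and be attributed to the logger.
		origStdout := os.Stdout
		r, w, err := os.Pipe()
		if err != nil {
			t.Fatalf("os.Pipe: %v", err)
		}
		os.Stdout = w

		// Restore stdout exactly once, and also on panic, so a failure in
		// the logger constructor cannot silence every later test's output.
		restored := false
		restore := func() {
			if restored {
				return
			}
			restored = true
			os.Stdout = origStdout
			_ = w.Close()
		}
		defer restore()

		// Create logger that might output to stdout.
		logger := logging.NewLogger(slog.LevelInfo, false)
		_ = logger
		// TODO(review): emit a log record containing the phiPatterns tokens
		// through logger here so the check below tests redaction rather
		// than an empty capture.

		// The write end must be closed before reading; otherwise ReadFrom
		// blocks forever waiting for EOF.
		restore()

		var captured bytes.Buffer
		if _, err := captured.ReadFrom(r); err != nil {
			t.Fatalf("reading captured stdout: %v", err)
		}
		_ = r.Close()
		output := captured.String()

		// Representative PHI tokens that must never appear on stdout.
		phiPatterns := []string{
			"patient_12345",
			"ssn=123-45-6789",
			"mrn=MRN123456",
		}
		for _, pattern := range phiPatterns {
			if strings.Contains(output, pattern) {
				// %q so whitespace/empty tokens are visible in the failure.
				t.Errorf("PHI detected in stdout: %q", pattern)
			}
		}
		t.Log("PHI redaction from stdout verified")
	})

	t.Run("PHIInAuditLogForAuthorizedAccess", func(t *testing.T) {
		// PHI is expected to be present in the audit log for authorized
		// audit purposes; what must be verified is that access to that log
		// is restricted. That needs the real audit-log infrastructure.
		t.Skip("Requires full audit log infrastructure to test PHI handling")
	})
}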